Security Operations Technical Lead
August Schell has a current job opportunity for a Security Operations Technical Lead on the DISA GSM-O program in Alexandria, VA.
This position provides technical leadership to the Joint Service Provider (JSP) Security Operations Center (SOC) lead and staff. Beyond advising and guiding technical matters, this position is tasked with driving implementation and adoption of new tools, capabilities, frameworks, and methodologies while ensuring those already in use are implemented and utilized properly.
•Provide technical leadership to JSP DCO Security Operations Center
•Drive implementation and adoption of new tools, capabilities, frameworks, and methodologies across all teams within the SOC
•Provide technical guidance and support to SOC lead
•Work with Security Infrastructure team to address issues with SOC tools and data feeds
•Identify and offer solutions to gaps in capabilities and visibility
•Promote and drive implementation of automation and process efficiencies
•Bachelor’s degree and 12+ years of prior IT experience. Additional work experience or Cyber courses/certifications may be substituted in lieu of degree.
•5+ years of intrusion detection and/or incident handling experience.
•DoD 8570 IAT III and CSSP Infrastructure Support certifications required prior to starting
•Prior experience supervising employees of various labor categories and skills in efforts similar in size and scope to the JSP DCO program
•Advanced knowledge of solution development techniques and best practices related to demonstration, pilot, and test management and operations.
•Demonstrated advanced knowledge of industry accepted standards.
•Demonstrate experience with researching and fielding new and innovative technology;
•Demonstrate advanced experience in configuring cybersecurity tools to feed events, alerts, and logs to SIEM technologies.
•Motivated self-starter with strong written and verbal communication skills, and the ability to create complex technical reports on analytic finding.
•Strong analytical and troubleshooting skills.
•Must be a US Citizen.
•Must be Top Secret – Sensitive Compartmented Information (TS/SCI) Eligible (DIA Adjudicated or capable of reciprocal acceptance by DIA)
•Deep technical understanding of core current cybersecurity technologies as well as emerging capabilities.
•Experience implementing automation to reduce mundane tasks and expedite processes.
•Hands-on cybersecurity experience (Protect, Detect, Respond and Sustain) within a Computer Incident Response organization.
•Demonstrated understanding of the life cycle of cybersecurity threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs).
•Motivated self-starter with strong written and verbal communication skills, and the ability to create complex technical reports on analytic findings.
•Familiarity or experience in Intelligence Driven Defense, Cyber Kill Chain methodology, and/or MITRE ATT&CK framework.
- Must be a US Citizen or have permanent residence
- We seek out emerging technologies
- Align ourselves with progressive technology partners
- Provide our employees with challenging opportunities to unite the two.
- Comprehensive Medical Insurance
- Comprehensive Dental Insurance
- 401K Plan
- Tuition Reimbursement Plan
- Referral Bonus Program